Summary: Kaspersky has revealed multiple vulnerabilities in the Mercedes-Benz User Experience (MBUX) infotainment system, which can potentially be exploited for various attacks. The carmaker has confirmed that these vulnerabilities have been patched and are difficult to exploit, requiring physical access to the vehicle. Mercedes-Benz emphasizes the importance of security and encourages researchers to report any findings through their vulnerability disclosure program.
Threat Actor: Unknown | unknown
Victim: Mercedes-Benz | Mercedes-Benz
Keypoints :
- Kaspersky identified vulnerabilities in the first generation MBUX that could lead to DoS attacks, data extraction, command injection, and privilege escalation.
- Exploitation of these vulnerabilities requires physical access to the vehicle and manipulation of the head unit.
- Mercedes-Benz has been aware of these vulnerabilities since 2022 and assures customers that newer versions of the infotainment system are not affected.
Source: https://www.securityweek.com/details-disclosed-for-mercedes-benz-infotainment-vulnerabilities/